On Fri, 3 Aug 2018, Tom Herbert wrote:

You could say the same thing about extension headers, SCTP and DCCP, and even IPv6 itself since it still doesn't work everywhere. The only protocol an application can _rely_ on working is TCP over plain IPv4. That is current LCD. If the advice is that applications only use protocols they can rely on, then the Internet is stuck in time.

I know plenty of places where the only thing that works is TCP/80 and TCP/443. I know other places where the only thing usable is a SOCKS proxy. There are exactly zero protocols/IP versions that an application can rely on. There are now operators which do not provide native IPv4 access, you have to use NAT64.

There is no such thing as a "sure thing".

IMO, there should be a way for applications to use "alternative"
features and protocols with a fallback mechanism if necessary. For
instance, if the application had a priori knowledge that all nodes in
a path supported fragmentation, then there should be no issue with it
using fragmentation when sending on that path. Applying the car
analogy, if I look at a map and don't see any unpaved roads on the
route to my destination, then I can leave my four wheel drive all
terrain vehicle at home and take my Ferrari instead. I think that a
generalization of "Happy Eyeballs" might be a solution that discovers
and maps what features and protocols work on what paths.

This is exactly what I am saying.

Per the draft at hand, I think the advice to try to avoid fragmentation is practical under the current circumstances. However, I think that recommendation needs to be heavily qualified and scoped appropriately. A general statement that applications shouldn't rely on fragmentation cannot be interpreted as acceptance of non-conformant implementation or as a free pass that middleboxes don't need to fix their stuff.

I would encourage everybody who wants the Internet to improve (and I support this), to get "someone" to fund work in freely available Internet access validation and testing. The best tool I know of is ICSI Netalyzr. I use this all the time to validate that what we come up with works for "everything". Yet, that tool is not complete and source code is not available. The CAIDA Spoofer project is also of interest.

So get someone with resources to allocate them to that work, that might actually improve things. Lots of people have no idea that their newfangled design of access solution doesn't work properly. I see this all the time: "oh, we just turn on MSS adjust and everything works." "Err, what about fragmented IP packets and PMTUD?" "The what and the what???"

So this is not just about vendors and ISPs being evil and cheap, this is also largely about ignorance on all sides as well.

--
Mikael Abrahamsson    email: swm...@swm.pp.se

_______________________________________________
Int-area mailing list
Int-area@ietf.org
https://www.ietf.org/mailman/listinfo/int-area
